﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.Security;
using System.Data.SqlClient;
using System.Data;
using IEWebSite.BE;

namespace IEWebSite.Administration
{
    public partial class LogIn : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {

        }

        protected void LoginUser_Authenticate(object sender, AuthenticateEventArgs e)
        {
            SqlConnection sqlConn = Utils.GetSqlConnection();
            try
            {
                sqlConn.Open();
				SqlCommand sqlCmd = new SqlCommand("SELECT IdSysUserRole FROM [User] WHERE CAST(RTRIM(Username) AS VarBinary)= CAST(RTRIM(@username) AS VarBinary) AND CAST(RTRIM(Password) AS VarBinary)=CAST(RTRIM(@password) AS VarBinary)", sqlConn);
				SqlParameter sqlParam = new SqlParameter("@username", SqlDbType.NVarChar, 50);sqlParam.Value = Login1.UserName;
				sqlCmd.Parameters.Add(sqlParam);
				sqlParam = new SqlParameter("@password", SqlDbType.NVarChar,50); sqlParam.Value = Login1.Password;
                sqlCmd.Parameters.Add(sqlParam);

				Object res = sqlCmd.ExecuteScalar();
				if (res != null && res != DBNull.Value)
                {
					FormsAuthentication.RedirectFromLoginPage(Login1.UserName, Login1.RememberMeSet);
					e.Authenticated = true;
                }
                else
                {
                    e.Authenticated = false;
                }
            }
            catch (Exception ex)
            {
                lblError.Text = "Eroare: " + ex.Message;
            }
            finally
            {
                sqlConn.Close();
            }
        }
    }
}
